UK warned of major hack attack

The hacking group is apparently engaged in an ‘industrial scale’ attack designed to cull commercially and economically valuable information from vital computer networks across the UK. The attacks have been going on for several months and have involved the communications, energy, finance, health, government and transport sectors, according to a report in The Age. The agency warned that while most of the attacks had been against central government computer systems, companies and individuals were also at risk. The NISCC said that the attackers generally gained access to systems by sending e-mails to individuals who worked with sensitive data. The e-mails, which appeared to come from a trusted source, also contained an attachment or Web link that, when clicked, secretly installed a Trojan program on the machine, which allowed the attacker remote access. According to the Financial Times, the NISCC believes that no significant information has been stolen; however, there is concern the attacks could spread to the wider business community, in particular, financial institutions. Roger Cumming, director of NISCC, urged all businesses to monitor their IT systems and tighten security. Full report in The Age Full Financial Times report Visit the NISCC site

In an effort to protect IT systems from attack, companies are increasingly hiring ‘white hat’ ethical hackers to test their networks for vulnerabilities, reports the Financial Times. According to Antony Smyth, of Ernst & Young, banks and financial institutions have been taking these kinds of measures for some time, but the trend is starting to be picked up more broadly across all businesses. As a result, ethical hacking teams are springing up at professional services firms such as Ernst & Young, KPMG and Deloitte, as well as at IT companies such as IBM. The report notes that contracts are crucial when undertaking ethical hacking as some of the probing required could easily fall foul of a country’s computer misuse laws. Full Financial Times report